Aller au contenu
  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Aide virus svp


B2oBa

Messages recommandés

Salut a tous !!

 

J' ai malheuresement choper pas mal de "merdes" sur mon pc et je sais pas du tout comment on fait pour enlever tous ca :P

Je sais juste qu' il y a plusieurs ptits truc qui me font ralentir enormement le pc :P

 

Si ca peut vous aidez, j' ai win xp sp1, j' ai essayer avec Spybot mais il ne me les enleve pas puis avec ad-aware mais ca fait rebooter mon pc :-P

Voila j' en sais pas bcp plus désolé :-(:P

 

Voila ce que me donne Hijackthis :

 

Logfile of HijackThis v1.99.1

Scan saved at 18:15:29, on 3/09/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Sygate\SPF\Smc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wdfmgr.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Internet Optimizer\optimize.exe

C:\Program Files\Media Access\MediaAccK.exe

C:\Program Files\ISTsvc\istsvc.exe

C:\WINDOWS\etb\pokapoka61.exe

C:\WINDOWS\yttrhgm.exe

C:\WINDOWS\System32\cmd.exe

C:\WINDOWS\etb\pokapoka65.exe

C:\WINDOWS\System32\ctfmon.exe

C:\WINDOWS\System32\devldr32.exe

C:\themeGold55\CursorXP\CursorXP.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\mksvfinal\mirc32.exe

C:\Program Files\Media Access\MediaAccess.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\Tyler\Bureau\hijackthis_199\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.search123forme.com/sp2.php

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.search123forme.com/sp2.php

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.search123forme.com/sp2.php

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.search123forme.com/sp2.php

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Windows Installer] C:\WINDOWS\System32\ntdll.exe

O4 - HKLM\..\Run: [Windows Spooler] C:\WINDOWS\System32\spoolsv32.exe

O4 - HKLM\..\Run: [Windows DLL Host] C:\WINDOWS\System32\dllhost32.exe

O4 - HKLM\..\Run: [internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"

O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe

O4 - HKLM\..\Run: [iST Service] C:\Program Files\ISTsvc\istsvc.exe

O4 - HKLM\..\Run: [ThAYZ9] C:\WINDOWS\yttrhgm.exe

O4 - HKLM\..\Run: [bullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe

O4 - HKLM\..\Run: [lsass] C:\windows\system32\elitewrd32.exe

O4 - HKLM\..\Run: [system service65] C:\WINDOWS\etb\pokapoka65.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe

O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr

O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)

O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.145/x15.chm::/trs15.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: Leadtek Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe

 

 

J' espere que qqun pourra m' aider :P

Lien vers le commentaire
Partager sur d’autres sites

Bonjour B2oBa, bonjour à tous,

 

Messages : 1
Je te souhaite la bienvenue sur Zeb'Sécurité ! Merci de venir sur notre forum ! :P

 

Applique notre méthode "Pré-Nettoyage d'un PC infecté" -> http://forum.zebulon.fr/index.php?showforum=40

 

Lorsque tu auras posté le rapport HijackThis qui en résulte, nous analyserons et te dirons que faire !

 

---édition : angelique : veux-tu l'analyser ?

Lien vers le commentaire
Partager sur d’autres sites

Voila ce que ca me donne apres avoir fait le nettoyage :P

 

 

Logfile of HijackThis v1.99.1

Scan saved at 16:21:13, on 4/09/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wdfmgr.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\WINDOWS\System32\ctfmon.exe

C:\themeGold55\CursorXP\CursorXP.exe

C:\WINDOWS\System32\devldr32.exe

C:\Program Files\Real\RealOne Player\RealPlay.exe

C:\WINDOWS\etb\pokapoka65.exe

C:\Documents and Settings\Tyler\Bureau\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.search123forme.com/sp2.php

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.search123forme.com/sp2.php

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.search123forme.com/sp2.php

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.search123forme.com/sp2.php

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Windows Installer] C:\WINDOWS\System32\ntdll.exe

O4 - HKLM\..\Run: [Windows Spooler] C:\WINDOWS\System32\spoolsv32.exe

O4 - HKLM\..\Run: [Windows DLL Host] C:\WINDOWS\System32\dllhost32.exe

O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe

O4 - HKLM\..\Run: [bullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe

O4 - HKLM\..\Run: [lsass] C:\windows\system32\elitewrd32.exe

O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min

O4 - HKLM\..\Run: [system service65] C:\WINDOWS\etb\pokapoka65.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe

O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr

O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)

O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.145/x15.chm::/trs15.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: Leadtek Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe

 

 

:P

Lien vers le commentaire
Partager sur d’autres sites

Bonjour. Il reste encore pas mal de cochonneries sur ce log, dont Bargain buddy. En attendant qu'IPL ou Stonangel examine ton log tu télécharges Elite toolbar ici :

 

http://www.simplytech.it/ETRemover/index.htm

 

puis, tu redémarres en mode sans échec et tu lances Elite Toolbar puis, tu enregistre le rapport que tu postes avec un nouveau rapport Hijackthis.

Lien vers le commentaire
Partager sur d’autres sites

Voila les logs :P :

 

Registry Log file generated by *** ETRemover - V.2.0.1 ***

04/09/2005 - 17:31:00

 

System info:

 

OS Platform: Microsoft Windows 2000

OS Version: 5.01.2600

OS Update: Service Pack 1

CPU Maker: AuthenticAMD

CPU Model: x86 Family 15 Model 12 Stepping 0

CPU Speed: 2411 MHz

 

 

Running processes:

 

[system process] [sYSTEM]

system [sYSTEM]

smss.exe [\SystemRoot\System32\smss.exe]

csrss.exe [sYSTEM]

winlogon.exe [\??\C:\WINDOWS\system32\winlogon.exe]

services.exe [C:\WINDOWS\system32\services.exe]

lsass.exe [C:\WINDOWS\system32\lsass.exe]

svchost.exe [C:\WINDOWS\system32\svchost.exe]

svchost.exe [C:\WINDOWS\system32\svchost.exe]

explorer.exe [C:\WINDOWS\Explorer.EXE]

etremover_v201.exe [C:\Documents and Settings\Tyler\Bureau\ETRemover_V201\ETRemover_v201.exe]

 

 

------------------------------------------

HKLM -> UserInit in NT:

 

 

DWORD: AutoRestartShell = 1

 

DefaultDomainName = TEST

 

DefaultUserName = Tyler

 

LegalNoticeCaption =

 

LegalNoticeText =

 

PowerdownAfterShutdown = 0

 

ReportBootOk = 1

 

Shell = Explorer.exe

 

ShutdownWithoutLogon = 0

 

System =

 

Userinit = C:\WINDOWS\system32\userinit.exe,

 

VmApplet = rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

DWORD: SfcQuota = -1

 

allocatecdroms = 0

 

allocatedasd = 0

 

allocatefloppies = 0

 

cachedlogonscount = 10

 

DWORD: forceunlocklogon = 0

 

DWORD: passwordexpirywarning = 14

 

scremoveoption = 0

 

DWORD: AllowMultipleTSSessions = 1

 

DWORD: LogonType = 1

 

Background = 0 0 0

 

DebugServerCommand = no

 

DWORD: HibernationPreviouslyEnabled = 1

 

DWORD: SFCDisable = -99

 

WinStationsDisabled = 0

 

DWORD: ShowLogonOptions = 0

 

AltDefaultUserName = Tyler

 

AltDefaultDomainName = TEST

 

AutoAdminLogon = 0

 

KeepRasConnections = 1

 

DWORD: SFCSetting = -99

 

 

 

------------------------------------------

HKCU -> UserInit in NT:

 

 

ParseAutoexec = 1

 

ExcludeProfileDirs = Local Settings;Temporary Internet Files;Historique;Temp

 

DWORD: BuildNumber = 2600

 

 

 

------------------------------------------

HKLM -> UserInit:

 

* Registry key not found *

 

------------------------------------------

HKCU -> UserInit in NT:

 

* Registry key not found *

 

------------------------------------------

Running processes in NT / HKLM -> RUN (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKLM -> RUN (Autorun entries from Registry):

 

 

NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe

 

NvCplDaemon = RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

 

SmcService = C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

 

PinnacleDriverCheck = C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg

 

QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime

 

REGSHAVE = C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

 

TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

 

Windows Spooler = C:\WINDOWS\System32\spoolsv32.exe

 

Windows DLL Host = C:\WINDOWS\System32\dllhost32.exe

 

Media Access = C:\Program Files\Media Access\MediaAccK.exe

 

BullsEye Network = C:\Program Files\BullsEye Network\bin\bargains.exe

 

lsass = C:\windows\system32\elitewrd32.exe

 

 

 

------------------------------------------

Running processes in HKLM -> RUNONCE (Autorun entries from Registry):

 

* No values found *

 

------------------------------------------

Running processes in HKLM -> RUNONCEEX (Autorun entries from Registry):

 

* No values found *

 

------------------------------------------

Running processes in HKLM -> RUNSERVICES (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKLM -> RUNSERVICESONCE (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in NT / HKCU -> RUN (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKCU -> RUN (Autorun entries from Registry):

 

 

CTFMON.EXE = C:\WINDOWS\System32\ctfmon.exe

 

CursorXP = C:\themeGold55\CursorXP\CursorXP.exe -s

 

MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

 

 

 

------------------------------------------

Running processes in HKCU -> RUNONCE (Autorun entries from Registry):

 

* No values found *

 

------------------------------------------

Running processes in HKCU -> RUNONCEEX (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKCU -> RUNSERVICES (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKCU -> RUNSERVICESONCE (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKLM -> Browser Helper Objects:

 

------------------------------------------

Programs in HKLM -> Common Startup:

 

Exif Launcher.lnk

Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk

 

------------------------------------------

Registry Log file generated by *** ETRemover - V.2.0.1 ***

04/09/2005 - 17:31:11

 

System info:

 

OS Platform: Microsoft Windows 2000

OS Version: 5.01.2600

OS Update: Service Pack 1

CPU Maker: AuthenticAMD

CPU Model: x86 Family 15 Model 12 Stepping 0

CPU Speed: 2411 MHz

 

 

Running processes:

 

[system process] [sYSTEM]

system [sYSTEM]

smss.exe [\SystemRoot\System32\smss.exe]

csrss.exe [sYSTEM]

winlogon.exe [\??\C:\WINDOWS\system32\winlogon.exe]

services.exe [C:\WINDOWS\system32\services.exe]

lsass.exe [C:\WINDOWS\system32\lsass.exe]

svchost.exe [C:\WINDOWS\system32\svchost.exe]

svchost.exe [C:\WINDOWS\system32\svchost.exe]

explorer.exe [C:\WINDOWS\Explorer.EXE]

etremover_v201.exe [C:\Documents and Settings\Tyler\Bureau\ETRemover_V201\ETRemover_v201.exe]

 

 

------------------------------------------

HKLM -> UserInit in NT:

 

 

DWORD: AutoRestartShell = 1

 

DefaultDomainName = TEST

 

DefaultUserName = Tyler

 

LegalNoticeCaption =

 

LegalNoticeText =

 

PowerdownAfterShutdown = 0

 

ReportBootOk = 1

 

Shell = Explorer.exe

 

ShutdownWithoutLogon = 0

 

System =

 

Userinit = C:\WINDOWS\system32\userinit.exe,

 

VmApplet = rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

DWORD: SfcQuota = -1

 

allocatecdroms = 0

 

allocatedasd = 0

 

allocatefloppies = 0

 

cachedlogonscount = 10

 

DWORD: forceunlocklogon = 0

 

DWORD: passwordexpirywarning = 14

 

scremoveoption = 0

 

DWORD: AllowMultipleTSSessions = 1

 

DWORD: LogonType = 1

 

Background = 0 0 0

 

DebugServerCommand = no

 

DWORD: HibernationPreviouslyEnabled = 1

 

DWORD: SFCDisable = -99

 

WinStationsDisabled = 0

 

DWORD: ShowLogonOptions = 0

 

AltDefaultUserName = Tyler

 

AltDefaultDomainName = TEST

 

AutoAdminLogon = 0

 

KeepRasConnections = 1

 

DWORD: SFCSetting = -99

 

 

 

------------------------------------------

HKCU -> UserInit in NT:

 

 

ParseAutoexec = 1

 

ExcludeProfileDirs = Local Settings;Temporary Internet Files;Historique;Temp

 

DWORD: BuildNumber = 2600

 

 

 

------------------------------------------

HKLM -> UserInit:

 

* Registry key not found *

 

------------------------------------------

HKCU -> UserInit in NT:

 

* Registry key not found *

 

------------------------------------------

Running processes in NT / HKLM -> RUN (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKLM -> RUN (Autorun entries from Registry):

 

 

NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe

 

NvCplDaemon = RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

 

SmcService = C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

 

PinnacleDriverCheck = C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg

 

QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime

 

REGSHAVE = C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

 

TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

 

Windows Spooler = C:\WINDOWS\System32\spoolsv32.exe

 

Windows DLL Host = C:\WINDOWS\System32\dllhost32.exe

 

Media Access = C:\Program Files\Media Access\MediaAccK.exe

 

BullsEye Network = C:\Program Files\BullsEye Network\bin\bargains.exe

 

lsass = C:\windows\system32\elitewrd32.exe

 

 

 

------------------------------------------

Running processes in HKLM -> RUNONCE (Autorun entries from Registry):

 

* No values found *

 

------------------------------------------

Running processes in HKLM -> RUNONCEEX (Autorun entries from Registry):

 

* No values found *

 

------------------------------------------

Running processes in HKLM -> RUNSERVICES (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKLM -> RUNSERVICESONCE (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in NT / HKCU -> RUN (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKCU -> RUN (Autorun entries from Registry):

 

 

CTFMON.EXE = C:\WINDOWS\System32\ctfmon.exe

 

CursorXP = C:\themeGold55\CursorXP\CursorXP.exe -s

 

MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

 

 

 

------------------------------------------

Running processes in HKCU -> RUNONCE (Autorun entries from Registry):

 

* No values found *

 

------------------------------------------

Running processes in HKCU -> RUNONCEEX (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKCU -> RUNSERVICES (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKCU -> RUNSERVICESONCE (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKLM -> Browser Helper Objects:

 

------------------------------------------

Programs in HKLM -> Common Startup:

 

Exif Launcher.lnk

Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk

 

------------------------------------------

Registry Log file generated by *** ETRemover - V.2.0.1 ***

04/09/2005 - 17:31:45

 

System info:

 

OS Platform: Microsoft Windows 2000

OS Version: 5.01.2600

OS Update: Service Pack 1

CPU Maker: AuthenticAMD

CPU Model: x86 Family 15 Model 12 Stepping 0

CPU Speed: 2411 MHz

 

 

Running processes:

 

[system process] [sYSTEM]

system [sYSTEM]

smss.exe [\SystemRoot\System32\smss.exe]

csrss.exe [sYSTEM]

winlogon.exe [\??\C:\WINDOWS\system32\winlogon.exe]

services.exe [C:\WINDOWS\system32\services.exe]

lsass.exe [C:\WINDOWS\system32\lsass.exe]

svchost.exe [C:\WINDOWS\system32\svchost.exe]

svchost.exe [C:\WINDOWS\system32\svchost.exe]

explorer.exe [C:\WINDOWS\Explorer.EXE]

etremover_v201.exe [C:\Documents and Settings\Tyler\Bureau\ETRemover_V201\ETRemover_v201.exe]

 

 

------------------------------------------

HKLM -> UserInit in NT:

 

 

DWORD: AutoRestartShell = 1

 

DefaultDomainName = TEST

 

DefaultUserName = Tyler

 

LegalNoticeCaption =

 

LegalNoticeText =

 

PowerdownAfterShutdown = 0

 

ReportBootOk = 1

 

Shell = Explorer.exe

 

ShutdownWithoutLogon = 0

 

System =

 

Userinit = C:\WINDOWS\system32\userinit.exe,

 

VmApplet = rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

DWORD: SfcQuota = -1

 

allocatecdroms = 0

 

allocatedasd = 0

 

allocatefloppies = 0

 

cachedlogonscount = 10

 

DWORD: forceunlocklogon = 0

 

DWORD: passwordexpirywarning = 14

 

scremoveoption = 0

 

DWORD: AllowMultipleTSSessions = 1

 

DWORD: LogonType = 1

 

Background = 0 0 0

 

DebugServerCommand = no

 

DWORD: HibernationPreviouslyEnabled = 1

 

DWORD: SFCDisable = -99

 

WinStationsDisabled = 0

 

DWORD: ShowLogonOptions = 0

 

AltDefaultUserName = Tyler

 

AltDefaultDomainName = TEST

 

AutoAdminLogon = 0

 

KeepRasConnections = 1

 

DWORD: SFCSetting = -99

 

 

 

------------------------------------------

HKCU -> UserInit in NT:

 

 

ParseAutoexec = 1

 

ExcludeProfileDirs = Local Settings;Temporary Internet Files;Historique;Temp

 

DWORD: BuildNumber = 2600

 

 

 

------------------------------------------

HKLM -> UserInit:

 

* Registry key not found *

 

------------------------------------------

HKCU -> UserInit in NT:

 

* Registry key not found *

 

------------------------------------------

Running processes in NT / HKLM -> RUN (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKLM -> RUN (Autorun entries from Registry):

 

 

NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe

 

NvCplDaemon = RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

 

SmcService = C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

 

PinnacleDriverCheck = C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg

 

QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime

 

REGSHAVE = C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

 

TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

 

Windows Spooler = C:\WINDOWS\System32\spoolsv32.exe

 

Windows DLL Host = C:\WINDOWS\System32\dllhost32.exe

 

Media Access = C:\Program Files\Media Access\MediaAccK.exe

 

BullsEye Network = C:\Program Files\BullsEye Network\bin\bargains.exe

 

lsass = C:\windows\system32\elitewrd32.exe

 

 

 

------------------------------------------

Running processes in HKLM -> RUNONCE (Autorun entries from Registry):

 

* No values found *

 

------------------------------------------

Running processes in HKLM -> RUNONCEEX (Autorun entries from Registry):

 

* No values found *

 

------------------------------------------

Running processes in HKLM -> RUNSERVICES (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKLM -> RUNSERVICESONCE (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in NT / HKCU -> RUN (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKCU -> RUN (Autorun entries from Registry):

 

 

CTFMON.EXE = C:\WINDOWS\System32\ctfmon.exe

 

CursorXP = C:\themeGold55\CursorXP\CursorXP.exe -s

 

MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

 

 

 

------------------------------------------

Running processes in HKCU -> RUNONCE (Autorun entries from Registry):

 

* No values found *

 

------------------------------------------

Running processes in HKCU -> RUNONCEEX (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKCU -> RUNSERVICES (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKCU -> RUNSERVICESONCE (Autorun entries from Registry):

 

* Registry key not found *

 

------------------------------------------

Running processes in HKLM -> Browser Helper Objects:

 

------------------------------------------

Programs in HKLM -> Common Startup:

 

Exif Launcher.lnk

Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk

 

------------------------------------------

 

 

 

Et Hijackthis :

 

 

Logfile of HijackThis v1.99.1

Scan saved at 17:34:51, on 4/09/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Documents and Settings\Tyler\Bureau\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.search123forme.com/sp2.php

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.search123forme.com/sp2.php

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.search123forme.com/sp2.php

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.search123forme.com/sp2.php

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Windows Spooler] C:\WINDOWS\System32\spoolsv32.exe

O4 - HKLM\..\Run: [Windows DLL Host] C:\WINDOWS\System32\dllhost32.exe

O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe

O4 - HKLM\..\Run: [bullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe

O4 - HKLM\..\Run: [lsass] C:\windows\system32\elitewrd32.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe

O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr

O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)

O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.145/x15.chm::/trs15.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: Leadtek Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe

Lien vers le commentaire
Partager sur d’autres sites

Invité Stonangel

Re, télécharge EasyCleaner[/b] de Toni Helenius

http://personal.inet.fi/business/toniarts/ecleane.htm

 

miekiemoes' LQfix:

http://users.pandora.be/bluepatchy/LQfix.zip

Dézippe sur le sur le bureau mais ne le lance pas encore.

 

Désinstalle via Ajout/Suppression de programmes ces applications si présentes:

 

Media Access

 

BullsEye Network

 

Démarre en mode sans échec. Assure toi d'avoir accès à tous les fichiers.

 

Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :

Activer la case : Afficher les fichiers et dossiers cachés

Désactiver la case : Masquer les extensions des fichiers dont le type est connu

Désactiver la case : Masquer les fichiers protégés du système d'exploitation

Puis Appliquer

 

 

Démarre Hijackthis Do a system scan only, assure toi que la case Make Backups before fixing items est activée et coche les lignes suivantes :

 

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.search123forme.com/sp2.php

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.search123forme.com/sp2.php

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.search123forme.com/sp2.php

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.search123forme.com/sp2.php

 

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

 

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

 

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Windows Installer] C:\WINDOWS\System32\ntdll.exe

O4 - HKLM\..\Run: [Windows Spooler] C:\WINDOWS\System32\spoolsv32.exe

O4 - HKLM\..\Run: [Windows DLL Host] C:\WINDOWS\System32\dllhost32.exe

O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe

O4 - HKLM\..\Run: [bullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe

O4 - HKLM\..\Run: [lsass] C:\windows\system32\elitewrd32.exe

 

O4 - HKLM\..\Run: [system service65] C:\WINDOWS\etb\pokapoka65.exe

 

O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll

 

O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)

O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.145/x15.chm::/trs15.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

 

Ferme toutes les fenêtres, tous les programmes et clique sur Fix checked

 

Supprime les fichiers/dossiers incriminés (s'ils existent encore):

 

C:\WINDOWS\System32\ntdll.exe

C:\WINDOWS\System32\spoolsv32.exe

C:\WINDOWS\System32\dllhost32.exe

C:\Program Files\Media Access

C:\Program Files\BullsEye Network

C:\windows\system32\elitewrd32.exe

C:\WINDOWS\etb

 

Exécute LQfix bat

 

Recache les fichiers système afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.

 

Exécute EasyCleaner Inutiles et Registre seulement. Ne pas toucher à la fonction doublon.

 

Redémarre et poste un nouveau rapport Hijackthis effectué en mode sans échec pour vérification.

Modifié par Stonangel
Lien vers le commentaire
Partager sur d’autres sites

Voila :P

 

 

Logfile of HijackThis v1.99.1

Scan saved at 18:40:07, on 4/09/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\userinit.exe

C:\WINDOWS\Explorer.EXE

C:\Documents and Settings\Tyler\Bureau\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe

O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: Leadtek Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe

Lien vers le commentaire
Partager sur d’autres sites

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...